Enom

Late last week, I shared news of Tucows’ acquisition of eNom. This is big news for a number of reasons, especially because Tucows will reportedly become the “second largest domain registrar in the world,” trailing GoDaddy.

One unfortunate side effect of this deal is layoffs. I ran into Bari Meyerson at NamesCon, and she shared the news that she was let go. I worked with Bari for a number of years at Moniker, and I continued to work with her when she went to work at eNom. On the infrequent occasions that I had an account management issue at eNom, she would either help solve it or connect me with the person who could.

I reached out to Rightside CEO Taryn Naidu to ask about the layoffs, and he told me the company made about 35 layoffs as a result of the deal. The company now has approximately 125 employees following the conclusion of the deal. Taryn felt it was important to note to me that “the 35 layoffs were not a result of performance or ability, but the ugly side of deals of this nature.”

It is unfortunate that layoffs resulted, and I would imagine it can be attributed to some job redundancy at the two companies. The good thing, I would think, is that there are now some experience domain industry veterans who may be looking for work in the domain space. Hopefully they land on their feet soon.

I just received some breaking news from Enom that I want to share with you. According to the email I received, Tucows has acquired Enom from Rightside. Both Tucows (TCX on NASDAQ) and Rightside (NAME on NASDAQ) are publicly traded companies. A press release published by Tucows reports that “Tucows will pay $83.5 million and the transaction is expected to be immediately accretive to earnings.” As noted in the press release, this deal will make the combined company the second largest domain registrar in the world behind GoDaddy.

I have not yet had time to think about the implications of this (or rationale for this deal). I am curious about why Rightside decided to sell Enom and what will happen with Rightside’s other domain registrar, Name.com, which it acquired in 2013 when Rightside was part of Demand Media. I am curious what will come of the relationship with NameJet, both on the buy and sell side since Tucows has a relationship with GoDaddy on its expiring inventory. I am also curious about how the Enom customer support and account management will change under new ownership. These things will become more clear in the coming days.

I want to share a warning with you regarding a spear phishing email I received that claimed to be from eNom and even used a “eNom” branded ccTLD domain name to carry out this scam. I consider it spearphishing rather than phishing because it contained information specific to the domain name that was mentioned, and these types of targeted phishing campaigns can be more confusing for recipients.

From what I know, phishing emails are the likely culprit for the majority of domain name thefts. Once a thief has access to a registrar account, he can change account details and begin the process of stealing domain names without the owner’s knowledge. It is important to remember that this type of email can target domain name owners at other registrars. Thieves can also use any domain name that looks official, so shutting this down is not as easy as turning off the domain name that is being used to carry out this campaign.

To best protect domain registrar accounts, it is important to turn on two factor authentication (2FA), which is offered by many domain registrars. eNom uses Google Authenticator as well as a two question account validation login for security. Other registrars use different methods of 2FA.

Andrew Allemann wrote about a phishing email he received purporting to by from Dynadot, and I received a very similar email purporting to be from Enom. The email was caught by Gmail in the spam/junk filter, so it looks like some mail providers have been catching on to these phishing attempt.

By my own observations, it seems that domain registrar phishing attempts are on the rise. This particular attack looks like it is more along the lines of a spear phishing attempt since it mentioned a specific domain name that is owned by my company rather than being randomly sent.

When a hacker is able to obtain account login information due to a successful phishing attempt, they can easily steal domain names from the account. While most seasoned domain investors would not fall prey to this, I would imagine there are people who own just a few domain names that might.

The best thing to do to secure domain registrar accounts, in my opinion, is to have two factor authentication enabled. Many registrars offer it, and it’s very important to set up.

This morning, I noticed that some of my domain name for sale landing pages were not resolving. My corporate website was online, so I assumed it was an issue at Enom because I use Enom’s nameservers to forward the domain names to their respective listings on my website.

I did a bit of investigating, and I saw that The Register had published an article about a DNS outage at Enom earlier this morning. I reached out to a couple of contacts at Enom and its Rightside parent company to get an update on the outage, and they provided an official statement:

I want to share a warning that I received from a reader about an apparent phishing email that seems to be targeting domain names registered at Enom. The domain name that was used has Enom in it, but it was not Enom.com.

The person who reported the email to me said, “I received 4 today for different domains. All CCC,com domains.” This may indicate that the person is targeting a specific type of domain name, so be on the lookout!

Phishing emails are dangerous because they can lead to stolen domain names. They tend to look like authentic emails from a domain registrar, and this leads to people clicking on them and entering information that would likely compromise their accounts. Domain thieves can then steal the domain names more easily.

I recommend that you use two factor authentication at your domain registrar and not click on any links within emails to ensure that you don’t fall prey to a phishing attempt. I also recommend reporting phishing attempts to the domain registrar so they can be aware of these phishing attempts.

Thank you to Richard for sharing this warning with me. The email he received is below, with the verification code and domain name removed from the email:

DomainInvesting.com is an award winning publication covering the specialized business of domain name investing, domain investment news and strategy. The publication is a news source for domain name sales, domain industry deals, and other topics related to domain investing and domain name branding.